*** Since the almighty godlike #glftpd efnet people are so amazingly helpful i decided to create an how to install glftpd.
*** PLEASE note that you should always read the official docs and have some unix/linux knowledge prior to start the
*** instalation. It does not matter how easy the HOWTO will make things because even if you copy and past everything
*** here and you manage to get glftpd working; you will need to understand how things work to setup your own settings in glftpd

*** I strongly recomend that you do not use any sort of package unix/linux management (apt-get, emerge, yum, pacman,
*** etc) to install glftpd. While there is technicly nothing wrong about doing the install that way you will however
*** be limited in the usage of glftpd regarding its secure versatilities and custom management that will be pre-set
*** by default by your package manager which in some cases (if not all) you canŽt really modify to secure at your own
*** preferences. I also advise to create a unique and restricted user to run ONLY glftpd and that you do a jail
*** install under that user. However creating a user is purely optional and not required.

GENERAL NOTES:THIS HOWTO is not gentoo specific and can be used with any other unix/linux distro

Originally done by jehsom and dn.
Made ready for the new era by turranius and psxc.
-----------------------------------------------------------

Before we begin: If this installer fails on your system, please
let the devs know. You find us on irc (efnet) in #glftpd. Thank you.
Also, any bugs found in glftpd itself should be reported either to
the board @ http://www.glftpd.com, in the irc channel, or both.

Press <enter> to continue.

1. TCPD SETUP:
--------------

Code:

Do you wish to use tcpd? If you are not sure then you should not
use it. If you decided to change this at a later time, please
search for tcpd in glftpd.docs for the required changes.

It seems you don't have tcpd installed, install it and try
again, or select not to use it next time. Aborting.

*** Go back to ./installgl.sh

*** If you choose NO

Code:

Use tcpd? [Y]es [N]o:
Installing glftpd without tcpd.

2. JAIL SETUP:
--------------

Code:

Do you want to run glftpd in a "Jailed" environment? In this
environment a private directory will be created and glftpd will
be installed inside. Regular shell users will not be able to get
inside this private directory. The glftpd.conf is also moved
inside for added security and a new group will be created so
you and other users you specify can access glftpd through the shell.

*** If you get this output: Path already exists. [D]elete it, [A]bort, [T]ry again, [I]gnore?
*** Ignore it or Delete to continue. If you abort; then go back to ./installgl.sh and restart the install
*** Ignore will continue. Delete will re-create it

Code:

Do you want to create a private group? If you say no then only root will
be able to access glftpd. Otherwise you can add other shell users to the
group so they can access glftpd from the shell.

Use a private group? [Y]es [No]: y

*** The use of a private group will be of your choice. The more people have access to
*** glftpd box shell group the less secure it will be. Setting to yes will output the following:

Code:

What would you like your private group to be called? [glftpd]:

*** Press enter for default choice or use your own
*** If you get:

Code:

Warning: Group already exists with the following users: peter, roy, kyle
What would you like to do: [D]elete it, [A]bort, [T]ry again, [I]gnore?

*** If the group did not exist and or had no users before you will be asked the following:

Code:

Who should have access to glftpd? (separate with ,):

*** Choose which users that have shell access to the box where glftpd runs; to have access
*** and be added to glftpd users group.
*** I added user peter and tester. Peter had a shell account in that box and tester did not.

*** THIS IS OPTIONAL. IF YOU ARE UNEXPERIENCED JUST PRESS ENTER TO SKIP THIS

Code:

Enter a service name for glftpd. This name will be used as the
service name mapped to the port in /etc/services, the name
used in your (x)inetd settings, and the name of your config-file.
NOTE: If you (wish to) have multiple instances of glftpd on the
same box, you *must* to change this.
Press <enter> for the default (ftpd)>

*** If you want to choose your service name other than the default one
*** You will get the following output:

Code:

You did not choose the default servicename for glftpd. If you plan on
having more than one instance of glftpd, you should change the ipc_key.
The ipc_key can be anything you want, but it must be unique. To make
things easy in this installer, you will be provided with 10 choices.
1: 0x0000BABE 2: 0xDEADBABE 3: 0x00C0FFEE 4: 0x12345678
5: 0x87654321 6: 0xBEEFBABE 7: 0xBADCOFEE 8: 0x0000BEEF
9: 0xDEADBEEF 0: 0x0000DEAD (default)

*** This setting also demands to be specified in glftpd.conf. Check the docs or my
*** glftpd.conf example for this setting.
*** You may choose any of these keys or quit the install and restart ./install.sh
*** once you get to ¨4. SERVICE SETUP & MULTI-INSTALL ¨ go with the default option and
*** press enter or if you choose to use a ipc_key because you might want to run other glftpd
*** servers in the same box later on you can go with choice ¨0¨ (default)
*** This setting is optional !!

*** If the service already existed replace it. (y). If it did not exist you will be sent to step 5.

*** You can just press enter to accecpt this port or simply choose your own port. Lets change it to 2121
*** NOTE: Do not initially put your ftpd on port 21...stick it on a really high port so you know it works
*** You will also have to add this port number to /etc/services or your /etc/xinetd.d/glftpd>
*** Check my xinetd.d-glftpd.txt example !

*** Leave it like this to have the ssl certificates inside glftpd root install
*** If you wish glftpd to use commun ssl certificates also used for other appplications
*** You can specify other ssl certificates in glftpd.conf

Code:

Please specify a generic name for this certificate.
This can be any name but should say something about the ftp server
like the name for it perhaps (press enter for glftpd):

ongratulations, glFtpD has been installed. Scroll up and note any errors
that needs fixing. ./installgl.debug contains a log of the installation process.

To get your site running, you must edit /jail/glftpd.conf according to
the instructions in /server/setup/docs/glftpd.docs.
For help, visit #glftpd on EFnet AFTER you've read (not skimmed) the docs/faq.

*** In case you wish to modify anything about your ssl certificate such as RSA vs DSA or it´s amount of bits
*** Inside glftpd install directory you will find a file called ¨create_server_key.sh¨. execute it.

Code:

# ./create_server_key.sh
create_server_key.sh v1.0 by Slask&HoE
Usage: ./create_server_key.sh [rsa] info
info - can be any word, and it should inform the client
about the server he is logging in (for example servername)
rsa - if you dont specify this then DSA key will be created
certificate is for 900 days and is self-signed

# The following switches can be used in inetd.conf:
# -B This will only allow connections from the port bouncer
# (connecting from localhost [127.0.0.1] will still work)
# -b This allows connections from a port bouncer or direct connections.
# -e This will use european week (Mon-Sun) when modifying stats
# -l Logs new dirs,deleted dirs,nukes,unnukes,logins,logouts to
# /glftpd/ftp-data/logs/glftpd.log and login.log in ascii.
# -L Works just like -l, but it will always log creation and
# deletion of directories to glftpd.log. The -l option only logs
# those if they are in dirlog path (specified in glftpd.conf).
# Most likely, you want to use -l, this is for special cases.
# -i Logs uploads to /glftpd/ftp-data/logs/xferlog.
#
# -I Disables ident lookups. Note that if you use tcpd, it will do
# an ident lookup independently from glftpd.
# -o Logs downloads /glftpd/ftp-data/logs/xferlog.
# -d Logs connections and all user commands to system logs as debug
# (usually /var/log/debug, but refer to your /etc/syslog.conf).
# -r <file> Use alternate glftpd.conf file.
# -t <seconds> Sets the default idle timeout period.
# -T <seconds> Sets the maximum idle timeout period a user may select using
# the 'site idle' command if he/she doesn't have a personal
# idle time set (site change user idle_time xx).
# -n <#> Number of DNS retries, 0 disables DNS resolving.
# -s <path> The full path to the glstrings binary (default is /glftpd/bin/glstrings.bin)
# Example: -s/home/glftpd/bin/myownglstrings.bin
# -x makes glftpd only log ips on errors. (by default everything will be logged)
# -X forces glftpd not to log ips (not even for error messages in login.log)

*** Add the following line to '/etc/services' or set it like the following example on xinet.d
*** glftpd <Port you want glftpd on>/tcp

Code:

# nano /etc/services

*** and add a line with

Code:

glftpd 2121/tcp

*** NOTE: e.g.: glftpd 8000/tcp # Glftpd
*** NOTE: Do not initially put your ftpd on port 21...stick it on a really high port so you know it works
*** NOTE: DO NOT PUT THE PORT RIGHT NEXT TO ANOTHER PORT, SPACE THEM OUT BY AT LEAST 5-10 PORTS

*** Lets edit/create glftpd xinetd script and you can add the following settings:

Code:

# nano /etc/xinetd.d/glftpd

Code:

service glftpd
{
// *** The following 5 options are optional
// port = 21 # setting the port here is optional
// log_type = FILE /var/log/glftpd.log # if you want to have xinet to create logs
// bind = <computer-hostame/ip if you want to have glftp on specific ip>
// only_from = <remove to allow all ips to connect or use ip or ip range>
// server = /usr/sbin/tcpd # setting tcpd here is optional